mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2024-12-26 23:59:31 -05:00
3.8 KiB
3.8 KiB
Additinal Docker Security Tools and Resources
- Anchor Engine - Analyze images for CVE vulnerabilities and against custom security policies by @Anchor
- Aqua Security 💲 - Securing container-based applications from Dev to Production on any platform
- bane - AppArmor profile generator for Docker containers by [@genuinetools][genuinetools]
- CIS Docker Benchmark - This [InSpec][inspec] compliance profile implement the CIS Docker 1.12.0 Benchmark in an automated way to provide security best-practice tests around Docker daemon and containers in a production environment. By @dev-sec
- Clair - Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers. By [@coreos][coreos]
- Dagda - Dagda is a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities. By @eliasgranderubio
- Deepfence Enterprise 💲 - Full life cycle Cloud Native Workload Protection platform for kubernetes, virtual machines and serverless. By @deepfence
- Deepfence Threat Mapper - Powerful runtime vulnerability scanner for kubernetes, virtual machines and serverless.
- docker-bench-security - script that checks for dozens of common best-practices around deploying Docker containers in production.
- docker-explorer - A tool to help forensicate offline docker acquisitions by Google
- docker-lock - A cli-plugin for docker to automatically manage image digests by tracking them in a separate Lockfile. By [@safe-waters][safe-waters]
- notary - a server and a client for running and interacting with trusted collections.
- oscap-docker - OpenSCAP provides oscap-docker tool which is used to scan Docker containers and images. By OpenSCAP
- Phonito Security 💲 - a Docker vulnerability scanner with constant Kubernetes monitoring and pipeline integration.
- Prisma Cloud 💲 - (previously Twistlock Security Suite) detects vulnerabilities, hardens container images, and enforces security policies across the lifecycle of applications.
- Sysdig Falco - Sysdig Falco is an open source container security monitor. It can monitor application, container, host, and network activity and alert on unauthorized activity.
- Sysdig Secure 💲 - Sysdig Secure addresses run-time security through behavioral monitoring and defense, and provides deep forensics based on open source Sysdig for incident response.
- Trend Micro DeepSecurity 💲 - Trend Micro DeepSecurity offers runtime protection for container workloads and hosts as well as preruntime scanning of images to identify vulnerabilities, malware and content such as hardcoded secrets.
- Trivy - Aqua Security's open source simple and comprehensive vulnerability scanner for containers (suitable for CI).